All the latest UK technology news, reviews and analysis


Microsoft delivers seven updates in October patch release

09 Oct 2012
New Microsoft logo

Microsoft has released an October security update which includes seven bulletin postings and an update to the way Windows handles security keys.

The company said that the Patch Tuesday release would in all patch 20 different security vulnerabilities, including two which have been rated by the company as 'critical' risks and top deployment priorities.

The lone 'critical' bulletin remedies two security issues in the way Word handles Rich Text Format (RTF) code in documents and email messages. If exploited, the flaws could be used by attackers for remote code execution attacks.

"Only one of the two issues addressed by this bulletin is rated Critical, but in that case, an attacker could run code in the context of the logged- on user if they were to open a specially crafted Rich Text Format (RTF) file or previews or open a specially crafted RTF email message," the company said in a post to its TechnNet security blog.

Other bulletins in the October update address flaws in Office, SharePoint, SQL Server, Lync and Windows. The remaining six bulletins are rated as 'important' and include flaws for remote code execution, denial of service and elevation of privileges.

Microsoft is also issuing the final step in its efforts to improve encryption practices. The company on Tuesday made good on a promise to disable RSA security keys which are less than 1024 bits in length.

Paul Henry, forensics and security analyst with Lumension, said that administrators should have long since equipped themselves for the change over, and those who have not would be well-served to do so immediately.

"This patch has been optional since August and we hope you’ve taken the time to test it and patch it," Henry said.

"It will no longer be optional after today’s patches. Don’t let this be an 'I told you so' moment."

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Operating Systems
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
21%
13%
4%
21%
31%
10%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Head of Business Systems Projects

Head of Business Systems Projects West Midlands...

Online Systems Manager

Online Systems Manager We are looking for an Online...

Business Analyst

Discover your future at Lincoln Department of PMO...
To send to more than one email address, simply separate each address with a comma.